Security

Tips for Safe Online Holiday Shopping

by Lance Rich, Exec. Vice President, Risk Management for ProPay

The holiday season is upon us and many of us have started to make our lists for holiday gifts. According to Zoomerang, the online survey company, 64% of consumers will conduct all or some of their retail purchases online. Unfortunately, it’s also a lucrative season for fraudsters, who use the jump in online traffic to illegally obtain the identities of unsuspecting online shoppers. To help, ProPay has provided some easy security tips to help customers remain safer while shopping online during the holidays.

Be Leery of Phishing. Consumers can’t be expected to identify every advanced trend in phishing, but they can be aware of common red flags that could signify a potential phishing attack, which may include suspicious URLs, misspellings, and urgent requests for banking or personal information.

The SSL Standard. Secure Sockets Layer, more commonly known as SSL, helps ensure that Internet transmissions are encrypted and the identity of the organization has been verified. Consumers can verify that a site uses SSL by looking for “https://” in the address bar instead of the standard “http://” format. Merchants will display the site seal of their SSL certificate provider either on their home page or during the checkout process. Take it a step further by clicking on the site seal to ensure it’s legitimate. Verify that the date and name of the organization are consistent with the site you’re visiting.

Trust your Gut. Tempting offers often arrive in your e-mail inbox. If something looks out of place, don’t click on the links, especially if they’re not from a vendor or organization you currently have a relationship with. Instead, navigate to the site yourself to validate the offer from the organization.

Update your Browser. Make sure you’re using the most up-to-date version of your browser, whether Microsoft Internet Explorer, Mozilla Firefox, or Apple Safari. They all feature more advanced anti-phishing tools, helping make it even easier for you to stay safe. A computer should always have the most recent updates installed for spam filters, anti-virus and anti-spyware software, and a secure firewall.

Pay With a Credit Card. Card Brand rules allow the shopper to dispute charges if he or she doesn’t receive the item. Shoppers also have dispute rights if there are unauthorized charges on their credit card. Many card issuers have “zero liability” policies under which the card holder pays nothing if someone steals the credit card number and uses it. Most online retailers will require the three-digit Card Verification Value from the back of your credit card. If they don’t, think twice about completing the purchase.

Public Computer Use. Whenever possible, it’s best to avoid online transactions when connected to public Wi-Fi, particularly if it’s unsecured. You never know who could be listening. If you do use a public computer, log out of any Web session that stores personal account or banking information. This simple practice is critical.

Monitor Your Account. While it’s a good habit to keep an eye on your banking account throughout the year, take a closer look during the holiday season, particularly after purchasing products online. If your identity or account has been compromised, you may be able to limit fraud loss if it’s caught early.

By incorporating these simple and easy steps, you can enjoy a less stressful holiday shopping season and experience. Your friends at ProPay wish you luck with your business as well as a safe and joyful holiday season.

=====================================

Parallels has announced the following security vulnerability within Plesk. Please read this notice carefully, as it is an important security notification. More information can be found on the Parallels website, by visiting: http://www.parallels.com/products/plesk/proftpd

Affected Products: Parallels Plesk Panel 9.5x and 10 include this vulnerability (no prior versions included this version of the component). Parallels Small Business Panel 10.2 is also affected.

Details of the Vulnerability or Exploit: A flaw in ProFTPD FTP server potentially allows unauthenticated attackers to compromise a server. The problem is caused by a buffer overflow in the pr_netio_telnet_gets() function for evaluating TELNET IAC sequences. ProFTPD is capable of processing TELNET IAC sequences on port 21; the sequences enable or disable certain options not supported by the Telnet or FTP protocol itself. The buffer overflow allows attackers to write arbitrary code to the application’s stack and launch it. Updating to version 1.3.3c of ProFTPD solves the problem.
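To make the bug class described above concrete, here is an added example (not ProFTPD's or Parallels' code): a simplified line reader that processes TELNET IAC sequences and checks the remaining space before every write. The name read_line_iac, the pass-through handling of unknown commands and the sample input are assumptions made for illustration.

```c
#include <stdio.h>
#include <stddef.h>

#define TELNET_IAC  255  /* "interpret as command" marker */
#define TELNET_WILL 251  /* WILL, WONT, DO, DONT are 251..254; each takes an option byte */
#define TELNET_DONT 254

/* Hypothetical helper, not ProFTPD's function. Copies one command line from
 * `in` to `out`: option negotiation (IAC WILL/WONT/DO/DONT <opt>) is dropped,
 * IAC IAC becomes one literal 0xFF, and any other IAC <cmd> is passed through
 * as two bytes (an assumption for this sketch). Returns the number of bytes
 * written, excluding the NUL, or -1 if the line does not fit in `out`. */
long read_line_iac(const unsigned char *in, size_t inlen,
                   unsigned char *out, size_t outcap)
{
    size_t w = 0;                       /* invariant: w <= outcap - 1 */
    if (outcap == 0) return -1;
    for (size_t i = 0; i < inlen && in[i] != '\n'; i++) {
        unsigned char b0 = in[i], b1 = 0;
        size_t need = 1;                /* bytes this iteration will write */
        if (b0 == TELNET_IAC) {
            if (i + 1 >= inlen) break;  /* dangling IAC at end of input */
            b1 = in[++i];
            if (b1 >= TELNET_WILL && b1 <= TELNET_DONT) {
                if (i + 1 < inlen) i++; /* skip the option byte too */
                continue;
            }
            if (b1 != TELNET_IAC) need = 2;  /* unknown command: emit both bytes */
        }
        /* One check covers every write below plus the terminator. Comparing
         * against the space left avoids a counter that can step past zero. */
        if (need > outcap - 1 - w) return -1;
        out[w++] = b0;
        if (need == 2) out[w++] = b1;
    }
    out[w] = '\0';
    return (long)w;
}

int main(void)
{
    /* Constructed input: "USER", then IAC DO <option 1>, then " a\n" */
    const unsigned char line[] = {'U','S','E','R',255,253,1,' ','a','\n'};
    unsigned char out[8];
    printf("%ld\n", read_line_iac(line, sizeof line, out, sizeof out));
    return 0;
}
```

The point to carry into code review is the single space check sized to the largest write an iteration can make; a reader that writes two bytes for an escape but accounts for one is the kind of flaw that turns into a stack overflow.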

Fixes for the Vulnerability or Exploit: Parallels has used its micro-update patch functionality in Plesk 9.5x and 10.x to fix this exploit. You can run the Parallels AutoInstaller, or check the Updates section of your Plesk Panel 9.5x or 10.x, to apply the fix. This is a file-replace, as opposed to a new install, so it will be quick and reliable. To find this in the GUI:

* Parallels Plesk Panel 9.5x: “Home” -> “Updates” -> Select the Panel version which has updates -> click “Install”
* Parallels Plesk Panel 10.x: “Server Management” -> “Tools & Utilities” -> “Updates” -> “Update Components” -> click “Continue”
========================================

Network Tools


Windows:

Find which application pool is using the most cpu/memory

When viewing Windows Task Manager, you may notice that the IIS process (w3wp.exe) is taking a lot of CPU or memory. The problem is that discovering which web site is causing the high resource utilization is difficult.

  1. In Windows Task Manager’s Process view, click on View and choose Select Columns
  2. Check PID (Process Identifier)
  3. Click OK
  4. Find the PID of the process using too many resources
  5. Open a command prompt
  6. Type the following:
    1. cd \Windows\System32
    2. cscript.exe iisapp.vbs